VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Ctrl+alt+delete

https://forum.viry.cz:443/viewtopic.php?t=152148

Stránka 1 z 2

Ctrl+alt+delete

Napsal: 20 kvě 2017 22:05
od taumata
Nejde vypnout počítač přes softwarový vypínač+ nejde ctrl+alt+delete.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:04:13, on 20. 5. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\HP\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\HP\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
C:\Users\HP\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\HP\Desktop\hijackthis.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK14/3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BingSvc] C:\Users\HP\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [F217B4E389515BBEB70D850165311A2AC9CFEA46._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [World of Warships] "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: OMSI Addon Manager.lnk = HP\Desktop\OMSI 2\OMSI Addon Manager\OMSI Addon Manager.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1d32b31c-685f-4efb-a403-84c673660e3a}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{72547b58-0485-4acc-8f11-f1297c0fb9d0}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{8718928d-cbeb-45ea-a621-800a9249001d}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{9851ab4c-cc2e-4c9b-9ef5-bf4f452e5ded}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{990609d1-2a02-49ce-9110-46ae18fa74c7}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{a3146774-b9e3-428b-8be1-34ff9644c48f}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{bb25d7a4-ead1-405f-9864-1c7fe970a886}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{e4ad5eec-d11a-4e90-a1f5-7d07e2c988b1}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{e54f17f2-6f9c-11e6-889a-806e6f6e6963}: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{1d32b31c-685f-4efb-a403-84c673660e3a}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Unknown owner - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (file missing)
O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - Unknown owner - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Unknown owner - C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files (x86)\Wondershare\Dr.Fone for iOS\Library\DriverInstaller\DriverInstall.exe (file missing)

--
End of file - 15722 bytes

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 10:06
od Rudy
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . HijackThis je už za zenitem.

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 10:28
od taumata
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-05-2017
Ran by HP (21-05-2017 11:26:01)
Running from C:\Users\HP\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-31 16:46:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2155241757-1009964524-706664212-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2155241757-1009964524-706664212-503 - Limited - Disabled)
Guest (S-1-5-21-2155241757-1009964524-706664212-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2155241757-1009964524-706664212-1003 - Limited - Enabled)
HP (S-1-5-21-2155241757-1009964524-706664212-1001 - Administrator - Enabled) => C:\Users\HP
kamila (S-1-5-21-2155241757-1009964524-706664212-1005 - Limited - Enabled) => C:\Users\kamila
sikipedia (S-1-5-21-2155241757-1009964524-706664212-1004 - Limited - Enabled) => C:\Users\sikipedia

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

737 Pilot in Command (FSX - Vista) (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\737 Pilot in Command (FSX - Vista)) (Version: - )
7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ACARS MSFS 1.1 (HKLM-x32\...\ACARS MSFS_is1) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Aero Files Billund Airport X (HKLM-x32\...\Aero Files Billund Airport X) (Version: - )
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.1.0.0 - Aerosoft)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.00 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX STEAM Edition (HKLM-x32\...\Airbus A320-A321 - FSX STEAM Edition) (Version: 1.30 - Aerosoft)
aerosoft's - German Airports 1 - Stuttgart X (HKLM-x32\...\{E4298CF5-9C36-4519-9089-FF7A43EA5C5D}) (Version: 1.02 - aerosoft)
aerosoft's - German Airports 3 - 2012 (FSX) (HKLM-x32\...\{857D0DD6-42D4-4BD7-B299-EA70A064302D}) (Version: 1.04 - aerosoft)
aerosoft's - Mega Airport Amsterdam FSX (HKLM-x32\...\{0A297C87-BF52-43FD-AD75-EE72228E4457}) (Version: 1.04 - aerosoft)
Aerosoft's - Mega Airport Frankfurt 2.0 - FSX STEAM Edition (HKLM-x32\...\Mega Airport Frankfurt 2.0 - FSX STEAM Edition) (Version: 2.06 - Aerosoft)
aerosoft's - Mega Airport London Heathrow X (HKLM-x32\...\{2F4AF40B-433A-494E-BB41-816D113F32BA}) (Version: 1.10 - aerosoft)
Aerosoft's - Mega Airport Prag - FSX (HKLM-x32\...\Mega Airport Prag - FSX) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport Zurich V2.0 - FSX (HKLM-x32\...\Mega Airport Zurich V2.0 - FSX) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport Zurich V2.0 - FSX STEAM Edition (HKLM-x32\...\Mega Airport Zurich V2.0 - FSX STEAM Edition) (Version: 1.00 - Aerosoft)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ATC4Real (HKLM-x32\...\com.bajasim.atc4real.pc) (Version: 3.4.0 - UNKNOWN)
ATC4Real (x32 Version: 3.4.0 - UNKNOWN) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
BitTorrent (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\BitTorrent) (Version: 7.9.9.43389 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CINEMA 4D R14 (HKLM-x32\...\CINEMA 4D R14) (Version: - )
CLIP STUDIO PAINT (HKLM-x32\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.4.1 - CELSYS)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CS3889 Atentát (HKLM-x32\...\CS3889 Atentát_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dolní Kounice v2.0 (HKLM-x32\...\Dolní Kounice v2.0) (Version: - )
Dolní Kounice v2.1 (HKLM-x32\...\{B997EA27-ADE2-47BC-B4A9-A9187FD8A49E}) (Version: 2.1 - Dyk, Vačice, Bajou)
dr.fone toolkit for iOS (Version 8.0.0) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 8.0.0.45 - Wondershare Software Co.,Ltd.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
EuroScope for VACC-CZ (HKLM-x32\...\{B380FB0A-B123-4327-812C-B6F215813B79}) (Version: 2.0.0 - VACC-CZ.org)
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
EZdok Camera for Microsoft Flight Simulator X (HKLM-x32\...\EZdok Camera for Microsoft Flight Simulator X) (Version: - )
FaceTrackNoIR Plugin Pack version 2.0.0 (HKLM-x32\...\{99906711-6D71-4058-8073-B05F8D54F1D7}_is1) (Version: 2.0.0 - FaceTrackNoIR Team)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FSrealWX Pro Version 2.03.502 BETA (HKLM-x32\...\FSrealWX Pro_is1) (Version: 2.03.502 - Hanse-Coders)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.218.0 - International GeoGebra Institute)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Deskjet 2540 series Nápověda (HKLM-x32\...\{7103ABDA-EB81-4F1D-BBCC-B76526BF4B5B}) (Version: 30.0.0 - Hewlett Packard)
HP Documentation (HKLM-x32\...\{4B4EDB7B-4F54-4B86-8A4A-E1C5803CA374}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\HP Photo Creations) (Version: 1.0.0.19382 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 72 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180720}) (Version: 8.0.720.15 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LibreOffice 5.2.1.2 (HKLM-x32\...\{30566BDB-4658-461F-AF23-09CF7E2BC1D1}) (Version: 5.2.1.2 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes verze 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MarwanSimcheckA300 (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MarwanSimcheckA300) (Version: - )
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version: - Microsoft Game Studios)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4927.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mini Metro (HKLM-x32\...\1434554947_is1) (Version: 2.0.0.4 - GOG.com)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 cs)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NBTExplorer (HKLM-x32\...\{FC4C8FDD-384C-471F-9E9A-C25B57ABE7A8}) (Version: 2.7.6.0 - Justin Aquadro)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4927.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4927.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4927.1002 - Microsoft Corporation) Hidden
OMSI Addon Manager version 1.2.4 (HKLM-x32\...\{32B08666-1587-435D-988C-7958A04B218A}_is1) (Version: 1.2.4 - Jan Kiesewalter)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
pccleanplus (HKLM\...\pccleanplus) (Version: 2.1 - pccleanplus) <==== ATTENTION
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
PWDT Zlin Z-142 for FSX/P3D (HKLM-x32\...\PWDT Zlin Z-142 for FSX/P3D) (Version: - )
PWDT Zlin Z-142 FSX & P3D (HKLM\...\{CA91D5FD-D411-4371-8B50-E81B5888E275}) (Version: 1 - Pannon Wings Design Team)
Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
QGIS Pisa 2.10.1 Pisa (HKLM\...\QGIS Pisa) (Version: - QGIS Development Team)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Renault Karosa Citybus 12M (HKLM-x32\...\Renault Karosa Citybus 12M) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sculptris Alpha 6 (HKLM-x32\...\Sculptris Alpha 6 Alpha 6) (Version: Alpha 6 - Pixologic)
SketchUp 2016 (HKLM\...\{D87EE6DC-32BA-4219-AC75-0A6FD54ED058}) (Version: 16.0.19912 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP Deskjet 2540 series (HKLM\...\{DF4E8547-10D9-41B1-B0D9-0BFE9005836C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Subway Simulator Prague Metro (HKLM-x32\...\Subway Simulator Prague Metro) (Version: 2.0.2 - Wapp)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Trabi mód 1.0 (HKLM-x32\...\Trabi mód) (Version: - )
TrinusVR version 2.0.5 (HKLM-x32\...\{A66AD08F-FC5B-4583-9A7D-4636F5637B2C}_is1) (Version: 2.0.5 - Odd Sheep Ltd.)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Unity (HKLM-x32\...\Unity) (Version: 5.0.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VAInterface (HKLM-x32\...\{AAD756D7-4DEC-4589-9F1D-AE0DB7DF1620}) (Version: 2.20.3.11642 - Virtual Avionics)
VAT-Spy (HKLM-x32\...\VATSpy) (Version: - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VJoy Virtual Joystick Driver 1.2 (HKLM-x32\...\VJoy Virtual Joystick Driver_is1) (Version: - Headsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VoxATC X (HKLM-x32\...\{ACC4DDD6-3F12-4475-BD68-DCD567BACE41}) (Version: 6.52 - Internal Workings)
vPilot (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\vPilot) (Version: 2.1.3 - Ross Carlson)
vroute.info (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\b13f67185021a7a9) (Version: 1.1.1.18 - vroute)
War Thunder Launcher 1.0.1.536 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
Základní software zařízení HP Deskjet 2540 series (HKLM\...\{D8EFF534-A1B8-44C3-8632-B82DC7C10596}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: 16.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2155241757-1009964524-706664212-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E6CF0D8ED327}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2155241757-1009964524-706664212-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2155241757-1009964524-706664212-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B4C6BF-B0B3-4248-8666-5D0785AD4D2D} - \WPD\SqmUpload_S-1-5-21-2155241757-1009964524-706664212-1004 -> No File <==== ATTENTION
Task: {088319B8-A2F9-43AA-B3F7-B49E46B0696A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {18833ABE-1FE9-4F84-A383-9F912CC5169B} - System32\Tasks\Ghasotunet Schedule => C:\Program Files (x86)\Anerfery\ruhty.exe
Task: {33DFA4F3-B3AF-4948-9CBA-56C797C2D7D6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3C872A2F-0691-4B80-BD6E-2905B5C6E479} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {421701AB-809B-46D9-B278-327E0955D66F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {42401B33-D5B2-4EEA-9595-D14D10F7F36B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {43A5AFC7-6103-4BB1-9542-B7F7C41C848A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {49E20408-78BC-45F4-A1FA-FA837A94D315} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {4EF343F2-618E-40A1-AC04-5FAE8412879B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {540F1337-9197-48FB-9CFB-995BEE70D6FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {613705B6-D145-4798-8FE8-F71E86C87311} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {69A09B9C-92BE-4050-845E-3384934F0636} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {6B17002E-6BC1-44ED-9A9B-D5E9CFD7183C} - System32\Tasks\HP AR Program Upload - 96d125e23c1a47199d5b4338614ecc32fdb9680d349d40bcba22cd31c283b02c => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {73482585-E649-484C-88EE-B7A0DD9D4FEA} - System32\Tasks\{DE5F09AB-211C-4FCE-A3F7-F238C743418E} => pcalua.exe -a C:\Users\HP\Desktop\trabi_mod.exe -d C:\Users\HP\Desktop
Task: {766B9DD5-80C4-4F48-A938-B230A7201230} - System32\Tasks\{DC49241D-C9EB-471E-A651-5FF1CB7C9B30} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Survarium\unins000.exe"
Task: {7856A276-2557-405E-9D75-62F4E4D5D86E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7E020C56-A5D6-47A0-9A68-511AF9A2FBDD} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {8FB34FED-0622-40CF-B457-32D3617E0C73} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: {939E9A4A-3AFC-4FFE-B3BB-48D588F92FBB} - \WPD\SqmUpload_S-1-5-21-2155241757-1009964524-706664212-1005 -> No File <==== ATTENTION
Task: {9A3CBE55-2259-4A76-8A29-C41EECD6F8A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9D0D58C2-F4FD-411B-887E-6A32BAEE89A0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A12346AA-6F56-4828-B914-8C83C104742C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\sikipedia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {A698FA74-B107-4EBF-A1CC-9574C2446A5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-14] (Google Inc.)
Task: {B108C429-DEA8-438F-9480-01B435A47687} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {BC6C060E-64D3-4F40-AE98-62B9D176913A} - \WPD\SqmUpload_S-1-5-21-2155241757-1009964524-706664212-1001 -> No File <==== ATTENTION
Task: {D6CBE2E4-EAD0-4F09-BF54-201560F2DD30} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-05-15] (Advanced Micro Devices, Inc.)
Task: {DD0759DD-01EB-4653-94E1-70C05E7A332D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DF66A080-97DC-4402-82EF-BCA8A6EA2543} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E4CBA14C-32A5-42E1-BE6A-1DD70E40761E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {E655075B-8447-46A3-ADFC-CF4F7E541D21} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {E8C461B8-D67C-41CF-9285-7139095C03D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {EA0A6F6E-D734-469D-AB1F-0723C8830CD0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {ED9A801C-FAB6-45B3-BDE6-728BE84EC259} - \Bidaily Synchronize Task -> No File <==== ATTENTION
Task: {F096F46F-8C22-4E8E-8898-8D52EDC90919} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F1F04559-5C53-4F1D-AEEA-3288AC62B5A8} - System32\Tasks\HP Photo Creations Communicator => C:\Users\HP\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-11-06] ()
Task: {F55CC159-434D-4CA0-A7B3-BB704208BDA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {F988E704-2E96-46C9-8729-74400A74D79B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-14] (Google Inc.)
Task: {FDB81647-6077-4101-980D-3E2AE3817139} - System32\Tasks\{C6F8C07D-8BBE-4995-936E-A385F509E6F6} => pcalua.exe -a "C:\Program Files (x86)\YeaDesktop\unins000.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\HP\AppData\Roaming\HP Photo Creations\Communicator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 15:52 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-03-28 14:31 - 2014-03-28 14:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2017-05-05 16:13 - 2017-05-21 11:16 - 02785072 _____ () C:\Windows\netboostmasterHelp.dll
2015-05-03 09:04 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-05-15 17:05 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-12 15:52 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-04-12 15:52 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-04-04 18:51 - 2016-01-22 13:55 - 00553136 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-08-31 18:58 - 2016-08-31 18:58 - 01864384 _____ () C:\Users\HP\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2017-03-22 20:37 - 2017-01-31 14:34 - 08909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-09-15 20:42 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 10:25 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 10:25 - 2017-03-04 08:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-03-16 10:26 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 10:26 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 10:26 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 15:52 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 15:52 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-19 14:14 - 2017-05-19 14:14 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-19 14:14 - 2017-05-19 14:14 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-19 14:14 - 2017-05-19 14:14 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-19 14:14 - 2017-05-19 14:14 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2016-09-16 15:38 - 2016-09-16 15:38 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2015-04-14 19:56 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-14 19:56 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-14 19:56 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-14 19:56 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-14 19:56 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-14 19:56 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-14 19:56 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-14 19:56 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-14 19:56 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-14 19:56 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-14 19:56 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-11 16:07 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2014-10-16 19:48 - 2014-03-31 11:56 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-12-14 20:36 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-04-14 19:56 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-08-31 18:54 - 2016-08-31 18:55 - 01383616 _____ () C:\Users\HP\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2017-03-22 20:37 - 2017-01-31 12:14 - 08909512 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-05-04 22:18 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "LogitechVideoRepair"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "BestZiper"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\Run: => "F217B4E389515BBEB70D850165311A2AC9CFEA46._service_run"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{72864D16-381A-4840-BF74-593B995ACBD8}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4333D88D-1AE1-4DD7-BED9-E976D4648D3B}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{CF1CABD5-56EC-4F49-BF9B-0CEC57C3B139}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DC8DF1D3-F2E1-4144-906F-75B7E1E958E0}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E4C4D1EB-F72F-42EA-B9E2-2BDEFE496C3F}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{07D47DC9-14A0-40EB-AA86-96C7CF6680D2}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1F4F7883-0D19-429E-9804-77EC8BFAEF82}] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{37EC0229-A29E-4F8E-AAEB-0E2DA5CF33A9}] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{CAADE480-C493-4E95-8875-85366191341B}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{7153093A-D292-49D5-9E4B-444D143045E7}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{06F38F1B-1722-4515-829E-D33625360FDC}] => (Block) C:\python27\pythonw.exe
FirewallRules: [{4CC636E4-8542-47AF-BE3E-88085FFEF4CA}] => (Block) C:\python27\pythonw.exe
FirewallRules: [UDP Query User{E2241F6E-6DEE-4C44-81DE-571148535D47}C:\python27\pythonw.exe] => (Allow) C:\python27\pythonw.exe
FirewallRules: [TCP Query User{66041DED-3B09-40C6-9440-F187AB432635}C:\python27\pythonw.exe] => (Allow) C:\python27\pythonw.exe
FirewallRules: [{D97CEC00-58E6-41C5-9CE7-01E33AC663D3}] => (Block) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{1F82890B-13F7-40E4-8FB3-598673F07C8C}] => (Block) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{C4B6AC6D-72DB-4AF1-A19F-887DA25E0C06}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [TCP Query User{454313B2-EC8C-4E82-8121-CB0012FABF70}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{D2056ACA-0972-4EBE-B098-1251C21BA326}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{AB279281-980B-40D2-A3C7-CE57AE1C6711}] => (Allow) LPort=5357
FirewallRules: [{39D74A0A-1923-435E-B1B0-E661B769C249}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{9F21262F-4FAF-4528-8A96-FA53A379D209}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6B059CC9-10B7-4B0E-B7F4-92CE19E34949}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [UDP Query User{606A7B13-AF4F-4D9E-8682-EDE9EFA19A91}C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8A6AE5FB-93E0-4C62-87D0-7A9F18465C10}C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{CCFF80D4-CCFE-446B-88BF-CDC5B91ADF6C}] => (Allow) LPort=1900
FirewallRules: [{16A0A110-C7C2-422D-8F2D-F6D69C69EE3C}] => (Allow) LPort=2869
FirewallRules: [{EF981C25-8EB8-4D30-BACF-60A1B0658953}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{4EACE67E-68E1-4DF3-966E-EC2B750A9BF9}C:\program files (x86)\trinusvr\tgserver.exe] => (Block) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{1F894C4F-19CF-41D7-A91E-1FE31842559F}C:\program files (x86)\trinusvr\tgserver.exe] => (Block) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [{FDB8D09F-81BA-4B44-94D2-AAA0A6FE2F02}] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{EDF9B4C0-F696-42F9-BC08-DEAD1907C846}] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{24CCF037-83AC-4DED-B92F-1371D0423390}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{3B9AD10C-C299-47DD-B73A-9F49B5BD0CFF}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{59093C3E-C335-4DB4-8BF4-99A43C72ACED}C:\warthunder\aces.exe] => (Allow) C:\warthunder\aces.exe
FirewallRules: [TCP Query User{5A9D93AD-821C-425E-9429-E44C4EF66291}C:\warthunder\aces.exe] => (Allow) C:\warthunder\aces.exe
FirewallRules: [{03A36793-7512-4A60-897F-3917DD907771}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{49DA2646-8B8C-407E-85C2-24BCEEBE6DAA}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{17177DAE-3F97-4251-B372-D9145A142E81}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{6784A925-BE5F-4741-A6CC-3321FE2F7C79}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{FAE02B5D-881B-42C2-A189-502F79F6CE29}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{D41DFA48-4B2D-4E92-A0C8-ABD63103CFE0}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{7A179E18-69A3-49B3-A35A-25F5C12C2E71}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{8DD8DCAA-7541-42B6-BDE3-86C4F40D5F32}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{A2AF7FEA-C28A-4B00-99D3-5F759AAB076A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68209813-A053-48CB-9397-2AAB5B070ECD}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{48FC0696-9EFC-48F3-99FA-C8549071D5BA}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [UDP Query User{499942F9-009F-44D1-8760-92605D784701}C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{B86EFB28-33F0-4B9B-B17A-81416BF4213F}C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\hp\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{BF184C89-C11C-4A36-A709-163E15FA2D69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{68FF806A-5051-48B4-8171-A961FE1EA92D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{69D1312E-B785-46A8-AE00-E2975AAF951A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{955ADFC8-D905-4D3A-8B59-36400CC3DD96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6D3F9461-E02A-4AC9-94DD-C8ECDB8A1380}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{5AB57F27-6CFC-4575-A17B-5E7FBD928BC5}] => (Block) C:\python27\python.exe
FirewallRules: [{817E22BD-7B5C-49FD-9201-E7E745A185CF}] => (Block) C:\python27\python.exe
FirewallRules: [UDP Query User{60958E76-0C90-4FEF-A6FB-96035E042AA6}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [TCP Query User{1C1D1F63-637A-42A1-9F21-81144A3E3E81}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [{59D035EF-D6B6-4250-AE91-B70758C4AD8D}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{F4F7B2E9-4956-45E6-A3A8-FAB52B45A595}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{036F9064-AD4A-4F52-B756-4FCF2DA1207F}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{BF28280A-F1CC-48AD-A29A-35D30A448781}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{02264038-5D03-472F-9749-722588BF1BA3}] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{A6DA240D-0A06-4E47-ACBD-65A336FD3CC7}] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{6E5C0F13-93F0-4473-80A8-536E734C4775}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{6F25AD3C-D225-4272-A423-59E13FBCAB9C}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{48599E36-AF25-48CB-8616-308DD859B477}] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [{FDCB2609-B302-415F-B488-43BE5FEB11CF}] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{B5F757B6-3FA1-47F8-A212-9E3625644708}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{1751B8FC-AAC3-4554-BAB1-B592FAD94833}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{5B899690-7FB8-4AAD-A3C5-DC02EF3715B1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{00E95D44-262D-4C3E-8734-64D9A71970FE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1AB165B2-EEAD-413A-884C-251BFCF3838F}] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{D05FC688-BA81-4472-8C26-6F6915F91DC6}] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{4F58D444-9633-410D-BE8B-24C7113470EF}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{95AF845E-6A7D-44C2-BE26-2C8415377A2D}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{2EA7769D-3A32-4057-9BB2-AAC07E7F1E47}] => (Block) C:\users\hp\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{1D7570D1-3708-4E28-9DEE-FD33C025CBF3}] => (Block) C:\users\hp\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{DA435D7D-F222-4CA9-9AA6-77757FADC0B5}C:\users\hp\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\hp\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{FEAAF96E-02BD-4FDC-8697-D722FEC9DD85}C:\users\hp\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\hp\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A3F6CEF6-EC64-44AC-8F40-13A63D91B23F}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{9494D013-E86A-48A2-9BF4-B0FD18793BB7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{400C58E7-0201-4DE8-A192-243DA1DFF58F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{F58B0E76-EB2C-43B1-BE49-B6637EDA8068}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{20F4A3D3-1224-43FC-9917-94787D999F3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{E5969C33-2440-4EAA-A1D0-F00DF5D46B4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{5FA35F28-EB69-4157-80CF-E97F1386CAC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{0167EC2B-F8C2-4AFE-BA44-83F7750C2705}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [UDP Query User{C47BEBE6-D8D6-4EDD-B626-48CFF451121A}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{AC28CE84-A374-4AD7-8426-A0CBFF25F69C}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{92A01F98-4F54-4DD0-95CA-1AAC7944661A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{74D1202B-BE7B-4BF3-AC8E-F1A34A7A7BC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{79D299B6-2285-4707-9199-54F2B6ACE8D9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{119D8990-F1BC-453B-85E4-5CC3B8925263}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3BC6D97E-51AF-4496-AE7E-4BD68483E415}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BEC0D13F-6375-408C-B269-581583095060}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BB45EEE5-BB29-4CD7-B552-F2435AF37029}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{08040B5B-2F65-4661-B7BF-AF687823ED14}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C14A923B-B916-49EA-A8D5-086C22D3DBC8}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{89CDEA78-F505-43A1-A2A5-959C1BCDDADD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0CF235E7-E597-4A16-9D4A-224392923101}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2404D87B-6145-42D5-AC84-039BC2583C06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7226C7A2-9892-447B-B7DB-1649291537B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E899131E-BB71-4B17-932B-367E4E8AAF0C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{242018C2-C2EF-47A2-A378-72A8C880AE79}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C476C65C-9396-4A03-9E2E-B867047B241A}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [TCP Query User{44339F31-5A50-4CA9-9420-174EF31F6AE8}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{75F70797-EE8B-46FB-BFAE-D6BE27C5C89F}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{9AE06E18-9067-48B1-8452-BDDC38A5E56E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{8BE46EEA-F54D-4C2B-8920-D1F1BBDDC868}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{670D5B77-1D0B-4274-8CA6-2A3C9BDAADA2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F5BEB983-5623-4286-8CE9-130FF2C6CCF6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{6DFA4B3D-EE97-4917-BF4D-459EFAF67A47}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D09BE2AD-FBE6-4FDB-9150-CF1803912128}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{DC147D70-996E-4827-87D6-29751CA5CC26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{63E4CC35-6D37-42E0-AD02-B6AF3FE9767E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{4CC2C1D5-7B37-4B6A-A302-08E7B2E11FF4}C:\users\hp\desktop\etd_server.exe] => (Allow) C:\users\hp\desktop\etd_server.exe
FirewallRules: [UDP Query User{70CD9E44-DA11-4CE3-9939-CFF9BE148B41}C:\users\hp\desktop\etd_server.exe] => (Allow) C:\users\hp\desktop\etd_server.exe
FirewallRules: [{DC5F6F3A-BE63-4A42-9D4A-4BD91CA6F55D}] => (Block) C:\users\hp\desktop\etd_server.exe
FirewallRules: [{729D9653-73F2-4CB9-BCBD-F02C07DC2808}] => (Block) C:\users\hp\desktop\etd_server.exe
FirewallRules: [TCP Query User{2F184F97-02BB-43F0-8D5A-CC72B3B70E99}C:\program files\java\jre1.8.0_72\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_72\bin\javaw.exe
FirewallRules: [UDP Query User{36E653BF-FF01-46DB-9F65-E6CF7F1D419B}C:\program files\java\jre1.8.0_72\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_72\bin\javaw.exe
FirewallRules: [{DF7DDDFB-514D-4776-BA10-E6B5DF73FB61}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{00EC6839-A2D8-4A37-917F-A6D4D4665BAD}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D2B609D3-9FFF-4D08-9C75-489816DCA7BC}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{CB3B6CDA-516D-476A-9B37-9E3A11F25369}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{6DA83AA1-39C6-4FC8-BA0C-F924A8DE2082}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9EF9D23D-6401-458E-83DA-BD161C05B83D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{38773E79-B007-43D8-8567-70C263676D1C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6237CA48-491A-4B97-8498-6F43EB5CF5F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1E77D1B2-8B1E-4DA3-9EDD-DAF5612C3A06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48304AD2-82BA-4B2B-988E-07F43F7F7E2D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{F7D51EC0-134F-4EE4-BF89-136ABECC1C3E}C:\users\hp\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\hp\appdata\local\vpilot\vpilot.exe
FirewallRules: [UDP Query User{F77AB4DB-4C47-45AB-A961-891D7B497ED2}C:\users\hp\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\hp\appdata\local\vpilot\vpilot.exe
FirewallRules: [{9BD5EB69-9F62-48D6-9FD9-52476FE2A8FC}] => (Block) C:\users\hp\appdata\local\vpilot\vpilot.exe
FirewallRules: [{9210BE91-C5F8-4672-855F-A3E4DACF98E3}] => (Block) C:\users\hp\appdata\local\vpilot\vpilot.exe
FirewallRules: [TCP Query User{9BFF94DE-C3B2-4D8D-8966-7C928505D08F}C:\program files (x86)\internal workings\voxatc x\voxatcserver.exe] => (Allow) C:\program files (x86)\internal workings\voxatc x\voxatcserver.exe
FirewallRules: [UDP Query User{B6CC0FC5-EC7A-4409-B3FE-35FA5C97E8E7}C:\program files (x86)\internal workings\voxatc x\voxatcserver.exe] => (Allow) C:\program files (x86)\internal workings\voxatc x\voxatcserver.exe
FirewallRules: [{10DE5324-91CD-41D9-8870-054A4CC8C463}] => (Block) C:\program files (x86)\internal workings\voxatc x\voxatcserver.exe
FirewallRules: [{83DAB4E7-D01E-4493-B798-A59C21BAC857}] => (Block) C:\program files (x86)\internal workings\voxatc x\voxatcserver.exe
FirewallRules: [{03FCA3B1-BDCE-4E96-B77F-0E3D9C93B35E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{713F18C3-B0EF-4ED5-94A1-4037FE6B0A5B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{FCF85670-9120-42A5-A9DA-15E765D4B922}C:\euroscope for vacc-cz\program\euroscope.exe] => (Allow) C:\euroscope for vacc-cz\program\euroscope.exe
FirewallRules: [UDP Query User{6C79C287-1361-4265-909F-41AA42F7E381}C:\euroscope for vacc-cz\program\euroscope.exe] => (Allow) C:\euroscope for vacc-cz\program\euroscope.exe
FirewallRules: [{6D14C509-8F3E-4882-9489-FBBDEE6EA64C}] => (Block) C:\euroscope for vacc-cz\program\euroscope.exe
FirewallRules: [{4FDC2993-DF04-4474-BA9A-605B36D2ED07}] => (Block) C:\euroscope for vacc-cz\program\euroscope.exe
FirewallRules: [TCP Query User{076F7081-7567-42EE-B987-2A65525A3897}C:\program files (x86)\steam\steamapps\common\fsx\aerosoft\airbus a320_a321\airbusxconnectextended.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fsx\aerosoft\airbus a320_a321\airbusxconnectextended.exe
FirewallRules: [UDP Query User{A37CFFE0-2376-4B42-B8EF-8B8F723FC82E}C:\program files (x86)\steam\steamapps\common\fsx\aerosoft\airbus a320_a321\airbusxconnectextended.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fsx\aerosoft\airbus a320_a321\airbusxconnectextended.exe
FirewallRules: [{4690152F-FCA3-4A9E-B95F-5EFACB77637A}] => (Block) C:\program files (x86)\steam\steamapps\common\fsx\aerosoft\airbus a320_a321\airbusxconnectextended.exe
FirewallRules: [{29564F8A-8882-4C97-BAE5-31C1111C7B85}] => (Block) C:\program files (x86)\steam\steamapps\common\fsx\aerosoft\airbus a320_a321\airbusxconnectextended.exe
FirewallRules: [TCP Query User{EFD96EF2-8A56-44EC-9A61-5FDCE2FB453F}C:\program files (x86)\virtual avionics\vainterface\vainterface.exe] => (Allow) C:\program files (x86)\virtual avionics\vainterface\vainterface.exe
FirewallRules: [UDP Query User{76CEEB40-0B99-4DD3-A5BC-90B23CDE46D3}C:\program files (x86)\virtual avionics\vainterface\vainterface.exe] => (Allow) C:\program files (x86)\virtual avionics\vainterface\vainterface.exe
FirewallRules: [{AEC0CE82-EDF0-4CF4-B44B-0FA6E0CBFED6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DAE5FE38-A92F-4746-A529-1CC517641C48}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4C10A325-C70C-4EED-A162-0CE9042D36B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{75C79F8A-4D7A-4B2E-AC00-628AD59DF1C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D9E277A9-01A5-4C00-80CF-E73D1BED10BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CEFB532C-697D-4138-81CC-3628BA61D0E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9BA85ACF-724B-4B69-9A87-087CEE2A6391}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{21AFF645-A32A-4DAD-8B7E-8CE2CDBB4A70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A5B11AA4-AFAD-4A2E-9F3B-58981E1A572E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{B8A1D367-AF1A-49F7-98ED-319303730347}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{3567A56A-807B-426C-868B-3796F4990993}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{3CE501F8-C765-4495-812F-A1B6015FC775}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{26A9126F-7982-4B3B-BC30-8A0175F437CD}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/21/2017 09:46:52 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/20/2017 11:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSPad.exe, verze: 4.6.1.2730, časové razítko: 0x577ac050
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x00000000
ID chybujícího procesu: 0x12f4
Čas spuštění chybující aplikace: 0x01d2d1aca2966b83
Cesta k chybující aplikaci: C:\Program Files (x86)\PSPad editor\PSPad.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9eda6cb1-71e4-41f5-a896-88c7621aabc5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/20/2017 10:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSPad.exe, verze: 4.6.1.2730, časové razítko: 0x577ac050
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x00000000
ID chybujícího procesu: 0x316c
Čas spuštění chybující aplikace: 0x01d2d1ac0afc0faa
Cesta k chybující aplikaci: C:\Program Files (x86)\PSPad editor\PSPad.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1064e04c-e604-4b9b-aa42-428fb6b32b42
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/20/2017 10:59:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSPad.exe, verze: 4.6.1.2730, časové razítko: 0x577ac050
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2448
Čas spuštění chybující aplikace: 0x01d2d1abef998da1
Cesta k chybující aplikaci: C:\Program Files (x86)\PSPad editor\PSPad.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e5f7380f-112c-4859-a660-c93eb75699ea
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/20/2017 10:51:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/20/2017 10:51:19 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy5

Error: (05/20/2017 10:51:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.953, časové razítko: 0x58ba5a2f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.953, časové razítko: 0x58ba5a2f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x23d0
Čas spuštění chybující aplikace: 0x01d2d1aad4eee0d9
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: ce73ab9c-ed7f-45db-99bc-ced96f11b31c
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (05/20/2017 10:48:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/20/2017 10:48:32 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy5

Error: (05/20/2017 10:48:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.953, časové razítko: 0x58ba5a2f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.953, časové razítko: 0x58ba5a2f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x19f4
Čas spuštění chybující aplikace: 0x01d2d1aa712a672b
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: 9ebc6f5f-3fa5-460c-b867-c789f63c3a6a
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI


System errors:
=============
Error: (05/21/2017 11:21:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/21/2017 11:20:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/21/2017 11:18:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/21/2017 11:16:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ss_conn_service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/21/2017 11:16:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WsAppService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/21/2017 11:16:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bonjour Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/21/2017 11:16:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EIO neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (05/21/2017 11:16:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/21/2017 11:16:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba igfxCUIService2.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/21/2017 11:16:18 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:01:22, ‎21/‎05/‎2017) bylo neočekávané.


CodeIntegrity:
===================================
Date: 2017-05-21 11:16:58.826
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-21 11:01:56.467
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-21 10:19:00.684
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-21 10:06:49.092
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-21 09:42:57.005
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-20 21:11:36.776
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-20 21:03:46.953
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-20 16:42:56.187
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-20 12:06:23.895
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-20 11:28:01.551
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\EIO64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460S CPU @ 2.90GHz
Percentage of memory in use: 50%
Total physical RAM: 6049 MB
Available physical RAM: 3012.6 MB
Total Virtual: 6433 MB
Available Virtual: 3170.45 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:917.09 GB) (Free:469.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery Image) (Fixed) (Total:12.5 GB) (Free:1.57 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2DD9DDD9)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 11:10
od Rudy
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 12:01
od taumata
# AdwCleaner v6.047 - Logfile created 21/05/2017 at 12:51:18
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-19.1 [Local]
# Operating System : Windows 10 Home (X64)
# Username : HP - PC
# Running from : C:\Users\HP\Desktop\adwcleaner_6.047.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\download.howtosimplified.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\free.videodownloadconverter.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\howtosimplified.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\howtosimplified.dl.myway.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myway.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\videodownloadconverter.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\videodownloadconverter.dl.myway.com
Key Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Key Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Key Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Key Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Key Found: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Key Found: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Key Found: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Key Found: HKU\.DEFAULT\Software\UpgSvr
Key Found: HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Software\Installer
Key Found: HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Software\PC
Key Found: HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Software\PopWnd
Key Found: HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Software\UpgSvr
Key Found: HKU\S-1-5-18\Software\UpgSvr
Key Found: HKCU\Software\Installer
Key Found: HKCU\Software\PC
Key Found: HKCU\Software\PopWnd
Key Found: HKCU\Software\UpgSvr
Key Found: HKLM\SOFTWARE\Jawego
Key Found: HKLM\SOFTWARE\PC
Key Found: HKLM\SOFTWARE\jhdbca
Key Found: HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Key Found: [x64] HKCU\Software\Installer
Key Found: [x64] HKCU\Software\PC
Key Found: [x64] HKCU\Software\PopWnd
Key Found: [x64] HKCU\Software\UpgSvr
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pccleanplus
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\utop.it
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\utop.it
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BestZiper]


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6029 Bytes] - [21/05/2017 12:27:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [5792 Bytes] - [21/05/2017 12:26:38]
C:\AdwCleaner\AdwCleaner[S1].txt - [5013 Bytes] - [21/05/2017 12:51:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5086 Bytes] ##########

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 14:03
od Rudy
ADW nemazal, neklikl jste na mazání. Zkuste to ještě jednou.

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 15:17
od taumata
Smazal, akorát to potom restartovalo pc. Jak uz jsem rikal, pc restartovat z softwaru nejde a tak jsem mu musel pomoct tlačítkem.

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 15:29
od Rudy
Dejte nový log FRST.

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 16:04
od taumata
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
Ran by HP (administrator) on PC (21-05-2017 17:01:49)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP & sikipedia & kamila)
Platform: Windows 10 Home Version 1607 (X64) Language: Angličtina (Spojené království)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(© 2015 Microsoft Corporation) C:\Users\HP\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-03-28] (Hewlett-Packard )
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-29] (Raptr, Inc)
HKLM-x32\...\Run: [LogitechVideoRepair] => C:\Program Files (x86)\Logitech\Video\ISStart.exe
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [BingSvc] => C:\Users\HP\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-13] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [F217B4E389515BBEB70D850165311A2AC9CFEA46._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [BitTorrent] => C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe [1982152 2017-03-20] (BitTorrent Inc.)
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [World of Warships] => "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {02e0aabc-57c4-11e6-82c4-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {2332b6ab-1056-11e7-82e1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {2332b6b9-1056-11e7-82e1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {414bfc3a-089a-11e6-82b0-54bef724c525} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {555049cc-739a-11e6-82ca-54bef724c525} - "I:\CDSAMPLE\AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {90f122a6-c90d-11e6-82da-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {9d30ffeb-29dc-11e7-82e6-54bef724c525} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {d84b09d9-98ed-11e6-82d1-54bef724c525} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {e633911b-4fdc-11e6-82c1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OMSI Addon Manager.lnk [2016-06-14]
ShortcutTarget: OMSI Addon Manager.lnk -> C:\Users\HP\Desktop\OMSI 2\OMSI Addon Manager\OMSI Addon Manager.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.38.0.4 10.38.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{1d32b31c-685f-4efb-a403-84c673660e3a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{1d32b31c-685f-4efb-a403-84c673660e3a}: [DhcpNameServer] 10.38.0.4 10.38.0.1
Tcpip\..\Interfaces\{72547b58-0485-4acc-8f11-f1297c0fb9d0}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{72547b58-0485-4acc-8f11-f1297c0fb9d0}: [DhcpNameServer] 10.38.0.4 10.38.0.1
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9851ab4c-cc2e-4c9b-9ef5-bf4f452e5ded}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9851ab4c-cc2e-4c9b-9ef5-bf4f452e5ded}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{990609d1-2a02-49ce-9110-46ae18fa74c7}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a3146774-b9e3-428b-8be1-34ff9644c48f}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bb25d7a4-ead1-405f-9864-1c7fe970a886}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{e4ad5eec-d11a-4e90-a1f5-7d07e2c988b1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{e54f17f2-6f9c-11e6-889a-806e6f6e6963}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/3
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/3
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/3
SearchScopes: HKLM -> {21770231-3917-4196-880B-E52035F3B9BB} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UT ... earchTerms}
SearchScopes: HKLM-x32 -> {21770231-3917-4196-880B-E52035F3B9BB} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UT ... earchTerms}
SearchScopes: HKU\S-1-5-21-2155241757-1009964524-706664212-1001 -> {21770231-3917-4196-880B-E52035F3B9BB} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UT ... earchTerms}
SearchScopes: HKU\S-1-5-21-2155241757-1009964524-706664212-1001 -> {551E87DA-023F-4702-A254-03A6855BF46D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-01-28] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-04] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-04] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: fiuj1dqg.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\fiuj1dqg.default [2017-05-21]
FF user.js: detected! => C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\fiuj1dqg.default\user.js [2017-04-17]
FF NewTab: Mozilla\Firefox\Profiles\fiuj1dqg.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\fiuj1dqg.default -> initialpage123
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fiuj1dqg.default -> initialpage123
FF Homepage: Mozilla\Firefox\Profiles\fiuj1dqg.default -> hxxp://www.google.cz/
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-31] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2155241757-1009964524-706664212-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\HP\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-2155241757-1009964524-706664212-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR HomePage: Profile 3 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Profile 3 -> "hxxp://www.google.com/ig/redirectdomain?brand=INVC&bmod=INVC"
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2017-05-12]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (GeoGebra Math Apps) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-23]
CHR Extension: (Doplněk pro DámeJídlo) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cllhabecdhkflmjpoimkheipdagjobbl [2017-03-25]
CHR Extension: (Vyhledávání Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-05-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Cleaner Tool) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiaalhdnmdjlnolhicaeflcdenkjilod [2017-05-04]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-14]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-06]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-05-12]
CHR Extension: (Prezentace Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-13]
CHR Extension: (Dokumenty Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-13]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-13]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-13]
CHR Extension: (Bing) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-04-13]
CHR Extension: (Tabulky Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-13]
CHR Extension: (Skype) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-13]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-05-15]
CHR Extension: (Prezentace Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-04]
CHR Extension: (Dokumenty Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-05]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-05]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-05]
CHR Extension: (GeoGebra Math Apps) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-05-05]
CHR Extension: (Doplněk pro DámeJídlo) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cllhabecdhkflmjpoimkheipdagjobbl [2017-05-04]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2017-05-04]
CHR Extension: (Tabulky Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-04]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-05]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2017-05-12]
CHR HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] ()
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-31] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2017-02-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
R2 TMKernelHelp; C:\Windows\SysWow64\TMKernelU.dll [459432 2017-05-04] (Smart Software, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
S2 Apple Mobile Device Service; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S2 igfxCUIService2.0.0.0; %SystemRoot%\system32\igfxCUIService.exe [X]
S2 ss_conn_service; "C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe" [X]
S2 WsAppService; "C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe" [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Dr.Fone for iOS\Library\DriverInstaller\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035BDA; C:\WINDOWS\System32\Drivers\AF9035BDA.sys [492008 2015-05-17] (AfaTech ) [File not signed]
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307778.inf_amd64_c23825c387b5872c\atikmdag.sys [26570784 2017-01-10] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307778.inf_amd64_c23825c387b5872c\atikmpag.sys [535960 2017-01-10] (Advanced Micro Devices, Inc.)
U5 aswHwid; C:\Windows\System32\Drivers\aswHwid.sys [38296 2017-05-21] (AVAST Software)
U5 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [128648 2017-05-21] (AVAST Software)
U5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [75704 2017-05-21] (AVAST Software)
U5 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1007160 2017-05-21] (AVAST Software)
U5 aswSP; C:\Windows\System32\Drivers\aswSP.sys [569192 2017-05-21] (AVAST Software)
U5 aswStm; C:\Windows\System32\Drivers\aswStm.sys [158368 2017-05-21] (AVAST Software)
U5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [339696 2017-05-21] (AVAST Software)
S3 AtiDCM; C:\Program Files\AMD\CIM\Bin64\atdcm64a.sys [33992 2016-05-15] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-05-16] (Advanced Micro Devices)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [32568 2015-06-08] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [229176 2015-06-08] (Windows (R) Win 7 DDK provider)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-27] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-27] (Disc Soft Ltd)
S2 EIO; C:\windows\system32\drivers\EIO64.sys [17920 2005-10-20] (ASUSTeK Computer Inc.) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-15] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-21] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-21] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-21] (Malwarebytes)
U3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-21] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2014-03-31] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 netboostmaster; C:\WINDOWS\system32\drivers\netboostmaster.sys [2894184 2017-05-16] () [File not signed]
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6294016 2017-02-01] (Realtek Semiconductor Corporation )
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 TMKernel; C:\WINDOWS\system32\drivers\TMKernel.sys [200672 2017-05-04] (Smart Software, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-05-04] (Zemana Ltd.)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-21 15:26 - 2017-05-21 15:26 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2017-05-21 15:11 - 2017-05-21 15:11 - 00011959 _____ C:\Users\HP\Desktop\images.jpeg
2017-05-21 13:05 - 2017-05-21 13:05 - 00002018 _____ C:\Users\HP\Desktop\vPilot.lnk
2017-05-21 13:03 - 2017-05-21 13:03 - 00001853 _____ C:\Users\HP\Desktop\fsx – zástupce (2).lnk
2017-05-21 13:02 - 2017-05-21 13:02 - 00001602 _____ C:\Users\HP\Desktop\FSX – zástupce.lnk
2017-05-21 12:23 - 2017-05-21 13:10 - 00000000 ____D C:\AdwCleaner
2017-05-21 12:23 - 2017-05-21 12:23 - 04110280 _____ C:\Users\HP\Desktop\adwcleaner_6.047.exe
2017-05-21 11:28 - 2017-05-21 11:28 - 00056407 _____ C:\Users\HP\Desktop\FRST3.txt
2017-05-21 11:26 - 2017-05-21 11:29 - 00082907 _____ C:\Users\HP\Desktop\Addition.txt
2017-05-21 11:23 - 2017-05-21 17:02 - 00033041 _____ C:\Users\HP\Desktop\FRST.txt
2017-05-21 11:23 - 2017-05-21 17:01 - 00000000 ____D C:\FRST
2017-05-21 11:23 - 2017-05-21 11:23 - 00015327 _____ C:\Users\HP\Desktop\LM.bat
2017-05-21 11:22 - 2017-05-21 11:23 - 02429952 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2017-05-21 10:26 - 2017-05-21 10:26 - 00000876 _____ C:\Users\HP\Desktop\EuroScope for VACC-CZ.lnk
2017-05-21 10:02 - 2017-05-21 10:02 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-05-21 10:02 - 2017-05-21 10:02 - 00000034 _____ C:\WINDOWS\AvEmUpdate.ini
2017-05-21 10:02 - 2017-05-21 10:00 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-21 10:02 - 2017-05-21 10:00 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-21 10:02 - 2017-05-21 10:00 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-05-21 10:02 - 2017-05-21 10:00 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-21 10:02 - 2017-05-21 10:00 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-21 10:02 - 2017-05-21 10:00 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-21 10:02 - 2017-05-21 10:00 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-21 10:02 - 2017-05-21 09:59 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-21 10:02 - 2017-05-21 09:59 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-21 10:02 - 2017-05-21 09:59 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-21 10:02 - 2017-05-21 09:59 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-21 10:02 - 2017-05-21 09:59 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-21 10:00 - 2017-05-21 10:00 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-21 09:56 - 2017-05-21 09:56 - 00000077 ____H C:\Users\HP\Desktop\.~lock.Österreich.docx#
2017-05-20 10:33 - 2017-05-20 10:33 - 00000000 ____D C:\Users\HP\AppData\Roaming\.mono
2017-05-20 10:33 - 2017-05-20 10:33 - 00000000 ____D C:\ProgramData\.mono
2017-05-19 21:02 - 2017-05-19 23:50 - 00000000 ____D C:\Users\sikipedia\AppData\LocalLow\Mozilla
2017-05-19 21:01 - 2017-05-19 21:06 - 00000000 ____D C:\Users\sikipedia\AppData\Local\Mozilla
2017-05-19 21:01 - 2017-05-19 21:02 - 00000000 ____D C:\Users\sikipedia\AppData\Roaming\Mozilla
2017-05-19 21:00 - 2017-05-19 21:00 - 00000000 ____D C:\Users\sikipedia\AppData\Roaming\Google
2017-05-19 19:43 - 2017-05-19 19:43 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Blizzard Entertainment
2017-05-19 19:43 - 2017-05-19 19:43 - 00000000 ____D C:\Users\HP\AppData\Local\Blizzard
2017-05-19 19:36 - 2017-05-20 11:14 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-05-19 19:36 - 2017-05-19 19:36 - 00000000 ____D C:\Users\HP\AppData\Local\Blizzard Entertainment
2017-05-19 19:36 - 2017-05-19 19:36 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-05-19 19:35 - 2017-05-20 20:28 - 00000000 ____D C:\Users\HP\AppData\Local\Battle.net
2017-05-19 19:35 - 2017-05-20 20:21 - 00000000 ____D C:\Program Files (x86)\Blizzard App
2017-05-19 19:35 - 2017-05-19 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-05-19 19:28 - 2017-05-20 10:37 - 00000000 ____D C:\Users\HP\AppData\Roaming\Battle.net
2017-05-19 19:27 - 2017-05-19 19:28 - 00000000 ____D C:\ProgramData\Battle.net
2017-05-16 17:52 - 2017-05-20 22:48 - 00000176 _____ C:\WINDOWS\wininit.ini
2017-05-15 18:11 - 2017-05-21 13:32 - 00000000 ____D C:\Users\HP\AppData\LocalLow\BitTorrent
2017-05-15 17:32 - 2017-05-15 17:39 - 00000270 __RSH C:\ProgramData\ntuser.pol
2017-05-15 17:06 - 2017-05-21 14:39 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-15 17:06 - 2017-05-21 13:30 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-15 17:06 - 2017-05-21 13:30 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-15 17:06 - 2017-05-15 17:06 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-15 17:05 - 2017-05-21 13:30 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-15 17:05 - 2017-05-15 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-15 17:05 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-15 17:04 - 2017-05-15 17:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-15 17:04 - 2017-05-15 17:04 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-10 20:24 - 2017-05-10 20:24 - 00000000 ___HD C:\$SysReset
2017-05-10 20:21 - 2017-05-21 13:48 - 00000000 ____D C:\Program Files\UNP
2017-05-10 20:21 - 2017-05-15 20:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-10 17:00 - 2017-05-10 17:00 - 00000000 ____D C:\Users\HP\AppData\Roaming\Google
2017-05-09 21:24 - 2017-05-09 21:24 - 00000000 ____D C:\Users\HP\AppData\Local\ESET
2017-05-05 21:46 - 2017-05-14 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2017-05-05 18:38 - 2017-05-21 17:00 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2017-05-05 16:16 - 2017-05-05 16:16 - 00000000 ____D C:\ProgramData\XLiPlatform
2017-05-05 16:13 - 2017-05-21 13:29 - 02785072 _____ C:\WINDOWS\netboostmasterHelp.dll
2017-05-05 16:13 - 2017-05-16 15:05 - 02894184 _____ C:\WINDOWS\system32\Drivers\netboostmaster.sys
2017-05-05 16:13 - 2017-05-05 16:13 - 02930016 _____ C:\WINDOWS\system32\Drivers\F785D4AC4C7B.dat
2017-05-05 15:49 - 2017-05-05 16:13 - 00000000 ____D C:\ProgramData\Cache
2017-05-04 21:17 - 2017-05-21 17:02 - 00150979 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-05-04 21:17 - 2017-05-11 16:18 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-05-04 21:17 - 2017-05-10 17:02 - 00064840 _____ C:\WINDOWS\ZAM.krnl.trace
2017-05-04 21:17 - 2017-05-04 21:17 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-05-04 21:17 - 2017-05-04 21:17 - 00000000 ____D C:\Users\HP\AppData\Local\Zemana
2017-05-04 21:12 - 2017-05-04 20:03 - 00459432 _____ (Smart Software, Inc.) C:\WINDOWS\SysWOW64\TMKernelU.dll
2017-05-04 21:12 - 2017-05-04 20:03 - 00200672 _____ (Smart Software, Inc.) C:\WINDOWS\system32\Drivers\TMKernel.sys
2017-05-04 20:58 - 2017-05-04 20:58 - 00000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙
2017-05-04 20:50 - 2017-05-04 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-05-04 20:50 - 2017-05-04 20:50 - 00000000 ____D C:\Program Files\7-Zip
2017-05-04 20:30 - 2017-05-04 20:30 - 00003224 _____ C:\WINDOWS\System32\Tasks\{C6F8C07D-8BBE-4995-936E-A385F509E6F6}
2017-05-04 20:26 - 2017-05-04 20:26 - 00000000 ___HD C:\$AV_ASW
2017-05-04 20:22 - 2017-05-21 10:02 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-04 20:20 - 2017-05-15 18:05 - 00000000 ____D C:\Program Files\AVAST Software
2017-05-04 20:03 - 2017-05-05 15:31 - 00000000 ____D C:\Program Files (x86)\WindowsTM
2017-05-04 20:03 - 2017-05-04 20:03 - 00000000 ____D C:\Users\Public\Documents\XMUpdate
2017-05-04 19:59 - 2017-05-04 20:02 - 00000000 ____D C:\Users\HP\AppData\Local\Vegether
2017-05-04 19:59 - 2017-05-04 19:59 - 00140800 _____ C:\Users\HP\AppData\Local\installer.dat
2017-05-04 19:59 - 2017-05-04 19:59 - 00011568 _____ C:\Users\HP\AppData\Local\InstallationConfiguration.xml
2017-05-04 19:59 - 2017-05-04 19:59 - 00002339 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2017-05-04 19:59 - 2017-05-04 19:59 - 00002339 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2017-05-04 19:59 - 2017-05-04 19:59 - 00000000 ____D C:\Users\Default\AppData\Local\MicrosoftEdge
2017-05-04 19:59 - 2017-05-04 19:59 - 00000000 ____D C:\Users\Default User\AppData\Local\MicrosoftEdge
2017-05-04 19:58 - 2017-05-04 21:11 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2017-05-04 19:58 - 2017-05-04 20:42 - 00000000 ____D C:\ProgramData\{D7042157-60AF-96FC-5403-426BCB970794}
2017-05-04 19:57 - 2017-05-09 20:22 - 00004912 _____ C:\WINDOWS\System32\Tasks\Ghasotunet Schedule
2017-05-04 19:57 - 2017-05-05 15:31 - 00000000 ____D C:\Users\HP\AppData\Roaming\Plewughtdrbety
2017-05-04 19:57 - 2017-05-04 21:11 - 00000000 ____D C:\Users\HP\AppData\Roaming\Seznam.cz
2017-05-04 19:56 - 2017-05-04 20:02 - 00000000 ____D C:\Users\HP\AppData\Local\Coersybufing
2017-05-04 19:01 - 2017-05-04 19:01 - 00000000 ____D C:\Users\HP\Documents\DbgLogs
2017-05-02 21:56 - 2017-05-02 22:07 - 3527863071 _____ C:\Users\HP\Desktop\Vyvrtky.mp4
2017-05-02 21:42 - 2017-05-02 21:42 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2017-05-02 21:42 - 2017-05-02 21:42 - 00000000 ____D C:\Program Files (x86)\Movie Maker 2.6
2017-04-28 18:53 - 2017-04-28 18:53 - 00000000 ____D C:\Program Files (x86)\Aerosoft
2017-04-26 20:31 - 2017-04-26 20:31 - 00000000 ____D C:\Users\sikipedia\AppData\Roaming\Foxit Software
2017-04-26 20:15 - 2017-04-26 20:15 - 01175428 _____ C:\Users\sikipedia\Desktop\pokyny_prehled_2016.pdf
2017-04-26 20:15 - 2017-04-26 20:15 - 00371143 _____ C:\Users\sikipedia\Desktop\89324_16prehleddefverze.pdf
2017-04-26 20:14 - 2017-04-26 20:14 - 00065158 _____ C:\Users\sikipedia\Downloads\formular-za-rok-2016 (1).pdf
2017-04-26 20:06 - 2017-04-26 20:06 - 46047680 _____ ( ) C:\Users\sikipedia\Downloads\AdbeRdr11000_cs_CZ.exe
2017-04-26 20:05 - 2017-04-26 20:05 - 00156176 _____ C:\Users\sikipedia\Downloads\pouceni-2016.pdf
2017-04-26 20:04 - 2017-04-26 20:05 - 00065158 _____ C:\Users\sikipedia\Downloads\formular-za-rok-2016.pdf
2017-04-25 20:51 - 2017-05-05 22:11 - 00000000 ____D C:\Users\HP\AppData\Local\Deployment
2017-04-25 20:51 - 2017-04-25 20:51 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vroute
2017-04-25 19:18 - 2017-04-25 19:20 - 00000000 ____D C:\EuroScope for VACC-CZ
2017-04-25 19:18 - 2017-04-25 19:18 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroScope for VACC-CZ.lnk
2017-04-25 19:18 - 2017-04-25 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroScope for VACC-CZ
2017-04-25 19:14 - 2017-04-25 19:20 - 00000000 ____D C:\Users\HP\AppData\Local\VACC-CZ.org
2017-04-25 19:09 - 2017-05-02 15:57 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-04-23 15:52 - 2017-04-23 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design
2017-04-23 11:03 - 2017-04-23 11:03 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PWDT Zlin Z-142
2017-04-23 10:37 - 2017-04-23 10:38 - 00000000 ____D C:\ProgramData\InstallMate
2017-04-23 10:37 - 2017-04-23 10:37 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-21 17:02 - 2016-06-10 16:00 - 00000000 ____D C:\Users\HP\AppData\Roaming\BitTorrent
2017-05-21 14:44 - 2017-01-17 18:10 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2017-05-21 13:48 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-21 13:38 - 2015-04-14 19:51 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 13:32 - 2015-04-17 17:38 - 00000000 ____D C:\Users\HP\AppData\Local\LogMeIn Hamachi
2017-05-21 13:29 - 2016-08-31 18:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-21 13:29 - 2016-08-31 18:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-21 13:23 - 2016-08-31 18:13 - 00000000 ____D C:\Users\HP
2017-05-21 13:12 - 2016-08-31 18:08 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-21 13:12 - 2016-07-16 08:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-21 11:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-21 10:03 - 2015-04-14 19:44 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-21 09:53 - 2015-05-21 18:34 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-20 22:58 - 2014-12-30 13:46 - 00000000 ____D C:\Users\HP\AppData\Local\VirtualStore
2017-05-20 22:48 - 2016-12-31 22:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-20 22:40 - 2015-05-05 16:07 - 00007598 _____ C:\Users\HP\AppData\Local\resmon.resmoncfg
2017-05-20 22:40 - 2015-05-01 11:52 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-20 21:12 - 2016-08-31 18:08 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-20 21:12 - 2015-04-24 19:43 - 00000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2017-05-20 21:07 - 2016-08-31 19:56 - 00678126 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-20 21:07 - 2016-08-31 19:56 - 00164654 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-20 21:07 - 2016-08-31 18:13 - 02011578 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-20 12:07 - 2015-04-14 18:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-20 11:00 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-20 10:39 - 2016-08-31 18:13 - 00000000 ____D C:\Users\sikipedia
2017-05-19 21:01 - 2015-04-20 17:13 - 00000000 ____D C:\Users\sikipedia\AppData\Local\LogMeIn Hamachi
2017-05-19 20:58 - 2015-05-17 18:45 - 00000000 __SHD C:\Users\sikipedia\IntelGraphicsProfiles
2017-05-19 20:58 - 2015-04-20 17:12 - 00000000 ____D C:\Users\sikipedia\AppData\Local\Packages
2017-05-17 16:13 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-17 16:11 - 2015-05-03 09:04 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-05-15 18:46 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-15 18:08 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-15 17:23 - 2015-06-09 20:39 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2017-05-14 21:29 - 2014-10-16 19:56 - 00276302 ____N C:\WINDOWS\Minidump\051417-30843-01.dmp
2017-05-14 20:30 - 2014-10-16 19:56 - 00278542 ____N C:\WINDOWS\Minidump\051417-30234-01.dmp
2017-05-14 19:16 - 2017-03-29 21:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-14 19:16 - 2015-04-17 14:56 - 00000000 ____D C:\ProgramData\Skype
2017-05-14 19:06 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-12 15:28 - 2015-04-18 07:02 - 00000000 ____D C:\Users\HP\AppData\Roaming\TS3Client
2017-05-10 17:00 - 2016-08-31 18:34 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-10 17:00 - 2016-08-31 18:34 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-09 22:09 - 2014-10-16 19:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-09 21:05 - 2014-10-16 19:55 - 00000000 ___RD C:\Program Files (x86)\Online Services
2017-05-09 20:47 - 2016-12-30 19:54 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-05-09 20:23 - 2016-08-31 18:34 - 00003320 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16DD2DCE-FF2D-47C3-852A-B4E3FCC1EE69}
2017-05-09 20:23 - 2016-08-31 18:34 - 00002878 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2155241757-1009964524-706664212-1005
2017-05-09 20:20 - 2015-04-17 07:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 20:15 - 2015-04-17 07:05 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-05 21:45 - 2016-08-31 18:13 - 00000000 ____D C:\Users\kamila
2017-05-04 21:13 - 2016-12-30 19:53 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-05-04 21:03 - 2016-12-30 19:54 - 00000000 ____D C:\Program Files\Bonjour
2017-05-04 20:51 - 2016-01-29 14:53 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-05-04 20:51 - 2016-01-29 14:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-05-04 20:51 - 2016-01-28 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-05-04 20:51 - 2015-09-18 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-04 20:50 - 2015-11-17 16:50 - 00000000 ____D C:\Program Files (x86)\7-Zip
2017-05-04 20:27 - 2015-04-24 19:42 - 00000000 ____D C:\Temp
2017-05-04 19:58 - 2016-08-31 18:23 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2017-05-04 19:58 - 2016-08-31 18:23 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2017-05-04 19:57 - 2016-08-31 19:47 - 00000000 ____D C:\Program Files\MSBuild
2017-05-04 19:56 - 2014-10-16 19:43 - 00000000 ____D C:\Program Files\Hewlett-Packard
2017-05-04 19:10 - 2015-04-17 17:21 - 00000000 ____D C:\Users\HP\Documents\Flight Simulator X Files
2017-05-04 19:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-05-04 19:01 - 2014-10-16 19:50 - 00000000 ____D C:\ProgramData\Temp
2017-05-04 18:25 - 2014-12-30 13:46 - 00000000 ____D C:\Users\HP\AppData\Local\Packages
2017-04-29 02:59 - 2017-03-20 17:35 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2017-03-20 17:35 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-26 14:22 - 2017-01-04 20:25 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-26 14:22 - 2015-10-01 20:11 - 00002439 _____ C:\Users\sikipedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-26 14:22 - 2015-10-01 20:11 - 00000000 ___RD C:\Users\sikipedia\OneDrive
2017-04-26 14:20 - 2015-09-10 07:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-25 19:28 - 2016-08-31 18:04 - 00443048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-25 19:09 - 2015-10-02 15:05 - 00000000 ____D C:\Users\HP\AppData\Roaming\TeamViewer
2017-04-23 21:08 - 2017-01-01 18:06 - 00000000 ____D C:\Users\HP\Desktop\plocha
2017-04-22 20:40 - 2015-04-16 06:23 - 00000000 ____D C:\Users\HP\Documents\Euro Truck Simulator 2
2017-04-22 19:35 - 2016-12-16 16:11 - 00000000 ____D C:\ProgramData\TruckersMP

==================== Files in the root of some directories =======

2017-01-17 19:41 - 2017-01-17 19:43 - 0004608 _____ () C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-04 19:59 - 2017-05-04 19:59 - 0011568 _____ () C:\Users\HP\AppData\Local\InstallationConfiguration.xml
2017-05-04 19:59 - 2017-05-04 19:59 - 0140800 _____ () C:\Users\HP\AppData\Local\installer.dat
2015-06-15 20:43 - 2015-06-15 20:43 - 0000600 _____ () C:\Users\HP\AppData\Local\PUTTY.RND
2015-05-05 16:07 - 2017-05-20 22:40 - 0007598 _____ () C:\Users\HP\AppData\Local\resmon.resmoncfg
2015-05-18 18:42 - 2015-05-18 18:42 - 0000794 _____ () C:\Users\HP\AppData\Local\Temp-log.txt
2015-06-02 15:40 - 2015-06-02 15:40 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-06-08 19:28 - 2015-06-09 17:30 - 0000030 _____ () C:\ProgramData\droidcam-settings

Some files in TEMP:
====================
2017-05-20 21:15 - 2017-05-20 21:15 - 0207208 _____ () C:\Users\HP\AppData\Local\Temp\ezdok.exe
2017-05-15 20:42 - 2014-05-15 12:56 - 6730304 _____ (Foxit Corporation) C:\Users\HP\AppData\Local\Temp\Foxit PhantomPDF Updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD.

LastRegBack: 2017-05-15 20:13

==================== End of FRST.txt ============================

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 17:01
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [BingSvc] => C:\Users\HP\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-13] (© 2015 Microsoft Corporation)
C:\Users\HP\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {02e0aabc-57c4-11e6-82c4-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {2332b6ab-1056-11e7-82e1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {2332b6b9-1056-11e7-82e1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {414bfc3a-089a-11e6-82b0-54bef724c525} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {555049cc-739a-11e6-82ca-54bef724c525} - "I:\CDSAMPLE\AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {90f122a6-c90d-11e6-82da-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {9d30ffeb-29dc-11e7-82e6-54bef724c525} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {d84b09d9-98ed-11e6-82d1-54bef724c525} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {e633911b-4fdc-11e6-82c1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\fiuj1dqg.default -> initialpage123
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fiuj1dqg.default -> initialpage123
CHR Extension: (Bing) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-04-13]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-05-04] (Zemana Ltd.)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
C:\WINDOWS\system32\Drivers\zamguard64.sys
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files\Bonjour
C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 20:08
od taumata
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-05-2017
Ran by HP (21-05-2017 21:03:04) Run:1
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP & sikipedia & kamila)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\Run: [BingSvc] => C:\Users\HP\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-13] (� 2015 Microsoft Corporation)
C:\Users\HP\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {02e0aabc-57c4-11e6-82c4-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {2332b6ab-1056-11e7-82e1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {2332b6b9-1056-11e7-82e1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {414bfc3a-089a-11e6-82b0-54bef724c525} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {555049cc-739a-11e6-82ca-54bef724c525} - "I:\CDSAMPLE\AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {90f122a6-c90d-11e6-82da-54bef724c525} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {9d30ffeb-29dc-11e7-82e6-54bef724c525} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {d84b09d9-98ed-11e6-82d1-54bef724c525} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\...\MountPoints2: {e633911b-4fdc-11e6-82c1-54bef724c525} - "F:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\fiuj1dqg.default -> initialpage123
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fiuj1dqg.default -> initialpage123
CHR Extension: (Bing) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-04-13]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-05-04] (Zemana Ltd.)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
C:\WINDOWS\system32\Drivers\zamguard64.sys
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files\Bonjour
C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value could not remove.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value could not remove.
C:\Users\HP\AppData\Local\Microsoft\BingSvc => moved successfully
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02e0aabc-57c4-11e6-82c4-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{02e0aabc-57c4-11e6-82c4-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2332b6ab-1056-11e7-82e1-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{2332b6ab-1056-11e7-82e1-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2332b6b9-1056-11e7-82e1-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{2332b6b9-1056-11e7-82e1-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{414bfc3a-089a-11e6-82b0-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{414bfc3a-089a-11e6-82b0-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{555049cc-739a-11e6-82ca-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{555049cc-739a-11e6-82ca-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90f122a6-c90d-11e6-82da-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{90f122a6-c90d-11e6-82da-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d30ffeb-29dc-11e7-82e6-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{9d30ffeb-29dc-11e7-82e6-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d84b09d9-98ed-11e6-82d1-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{d84b09d9-98ed-11e6-82d1-54bef724c525} => key not found.
HKU\S-1-5-21-2155241757-1009964524-706664212-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e633911b-4fdc-11e6-82c1-54bef724c525} => key could not remove, key could be protected
HKCR\CLSID\{e633911b-4fdc-11e6-82c1-54bef724c525} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key could not remove, key could be protected
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key could not remove, key could be protected
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd => moved successfully
HKLM\System\CurrentControlSet\Services\Bonjour Service => key could not remove, key could be protected
ZAM_Guard => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\ZAM => key could not remove, key could be protected
C:\WINDOWS\system32\Drivers\zamguard64.sys => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Program Files\Bonjour => moved successfully
C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 45948 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 260246710 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 177173418 B
Edge => 5869 B
Chrome => 110557303 B
Firefox => 378222727 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 13708 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 9160 B
NetworkService => 28950620 B
HP => 241089292 B
sikipedia => 130873784 B
kamila => 38397 B

RecycleBin => 5634860632 B
EmptyTemp: => 6.5 GB temporary data Removed.

================================

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 20:09
od Rudy
Smazáno. Nastala nějaká změna?

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 20:12
od taumata
vypadá, že je vše ok. Já moc děkuju za pomoc :D :D :D :D :D :D

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 20:16
od taumata
hmmm.... tak nic :-( zase uz se zakazalo ctrl+alt+delete.

Re: Ctrl+alt+delete

Napsal: 21 kvě 2017 20:56
od Rudy
Ještě uděláme kompletní sken MBAM: http://www.malwarebytes.org/mbam.php . Dejte log po skončení skenu a předem nic nemažte. Obávám se, že ja to systémová záležitost.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz